Free Republic
Browse · Search
News/Activism
Topics · Post Article

To: justlurking
It turns out that this was indeed a DDoS attack, but it was a flood of ICMP echo requests. That made it very easy to filter with a firewall, although the attack apparently ended very quickly. See this posting for details.

Hmm... I would have imagined that the maintainers of the roots would have LONG ago turned off ICMP at the routers. That doesn't stop ICMP requests from flooding the routers, but then you realize that the routers feeding these boxes have some decent load balancing going on, so you'd have to REALLY do a massive PoD (ping of death) to swamp it, and even then you're just pegging the router, not the actual DNS server.

Oh well... I figured that just doing a flood of DNS lookups might have been sufficient to peg these machines. Nothing more complicated than a bunch of machines doing tons of UDP requests to port 51 and then not even bothering to listen for a response before sending thousands more.

To answer other questions, I could be entirely off my rocker, but I'm fairly certain the roots run just customized *nix of some form, with only DNS doing anything on the machine. Nothing too fancy besides some nice hardware, stable OS, plenty of redundant bandwidth. DNS requests aren't exactly high bandwidth anyway, so it takes surprisingly little to be able to manage a lot of requests.

60 posted on 10/22/2002 10:12:26 PM PDT by MPB


To: MPB
Hmm... I would have imagined that the maintainers of the roots would have LONG ago turned off ICMP at the routers.

That surprised me as well. But, in the posting that I referenced, someone was in the process of writing a paper about the vulnerability, so it was already known.

To answer other questions, I could be entirely off my rocker, but I'm fairly certain the roots run just customized *nix of some form, with only DNS doing anything on the machine.

That's what I would expect as well. Of course, you may be able to get a response from other ports at the same IP address, but it's a simple matter to redirect requests to other servers at the firewall/router.

67 posted on 10/23/2002 6:36:01 AM PDT by justlurking

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson